Lucene search
K
CvelistMost viewed

364887 matches found

Cvelist
Cvelist
added 1999/09/29 4:0 a.m.71 views

CVE-1999-0236

ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs...

6.4AI score0.25788EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 3:36 a.m.70 views

CVE-2026-55655 Openssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versions

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

5CVSS0.0009EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/08 10:1 p.m.70 views

CVE-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS0.00433EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/05 10:31 a.m.70 views

CVE-2026-50256 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libxfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS0.00157EPSS
Exploits0References23
Cvelist
Cvelist
added 2026/06/01 7:22 a.m.70 views

CVE-2026-45505 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Jolokia `addNetworkConnector` Discovery Wrapper Bypass

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrappers such as masterslave:vm://...,... and static:vm://... incorrectly pass validation allowing bypass o...

0.00577EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 1:0 p.m.70 views

CVE-2026-6474 PostgreSQL timeofday() can disclose portions of server memory

Externally-controlled format string in PostgreSQL timeofday function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected...

4.3CVSS0.00208EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 10:6 p.m.70 views

CVE-2026-32993

Improper sanitization of the status query parameter of the /unprotected/novaerror endpoint allows unauthenticated attacker to inject arbitrary HTTP header to the response...

8.3CVSS0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 7:44 a.m.70 views

CVE-2026-3004 Snow Monkey Blocks <= 24.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'data-slick' Attribute

The Snow Monkey Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-slick' attribute in all versions up to, and including, 24.1.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00188EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/11 5:20 p.m.70 views

CVE-2026-43894 jq: Wild stack write via signed-integer overflow in decNumber D2U() macro

jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INTMAX-1 2147483646 digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...

6.2CVSS0.00158EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/10 11:45 p.m.70 views

CVE-2026-8254 Devs Palace ERP Online sales_save cross site scripting

A security flaw has been discovered in Devs Palace ERP Online up to 4.0.0. Affected by this issue is some unknown functionality of the file /inventory/salessave. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the...

4.8CVSS0.00253EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/06 7:49 p.m.70 views

CVE-2026-44117 OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot Direct Media Upload

OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to uploadC2CMedia and uploadGroupMedia endpoints to relay unintended requests...

6.3CVSS0.00236EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/24 2:42 p.m.70 views

CVE-2026-31627 i2c: s3c24xx: check the size of the SMBUS message before using it

In the Linux kernel, the following vulnerability has been resolved: i2c: s3c24xx: check the size of the SMBUS message before using it The first byte of an i2c SMBUS message is the size, and it should be verified to ensure that it is in the range of 0..I2CSMBUSBLOCKMAX before processing it. This i...

7.8CVSS0.00131EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/03/23 8:15 p.m.70 views

CVE-2026-4597 648540858 wvp-GB28181-pro Stream Proxy Query StreamProxyProvider.java selectAll sql injection

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyProvider.java of the component Stream Proxy Query Handler. The manipulation results in sql injection...

6.5CVSS0.00192EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/24 5:11 p.m.70 views

CVE-2025-14963

A vulnerability identified in the HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. Utilization of a Bring Your Own Vulnerable Driver BYOVD was leveraged to gain access to the critical Windows process memory lsass.exe Loc...

7.1CVSS0.001EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 5:27 p.m.70 views

CVE-2026-0651 Path Traversal on TP-Link Tapo D235 and C260 via Local https

A path traversal vulnerability was identified TP-Link Tapo C260 v1, D235 v1 and C520WS v2.6 within the HTTP server’s handling of GET requests. The server performs path normalization before fully decoding URL encoded input and falls back to using the raw path when normalization fails. An attacker...

6.9CVSS0.00303EPSS
Exploits2References6
Cvelist
Cvelist
added 2026/02/04 4:8 p.m.70 views

CVE-2026-23081 net: phy: intel-xway: fix OF node refcount leakage

In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call ofputnode to correctly maintain the refcount...

0.00107EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/22 7:29 p.m.70 views

CVE-2025-62611 aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server

aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...

8.2CVSS0.00354EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/13 9:8 p.m.70 views

CVE-2025-9713

Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

8.8CVSS0.14805EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 3:11 p.m.70 views

CVE-2025-9872

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

8.8CVSS0.13471EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/12 5:9 p.m.70 views

CVE-2025-53760 Microsoft SharePoint Elevation of Privilege Vulnerability

...

7.1CVSS0.11126EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/01 8:38 p.m.70 views

CVE-2013-10059 D-Link Routers tools_vct.htm OS Command Injection

An authenticated OS command injection vulnerability exists in various D-Link routers tested on DIR-615H1 running firmware version 8.04 via the toolsvct.htm endpoint. The web interface fails to sanitize input passed from the pingipaddr parameter to the toolsvct.htm diagnostic interface, allowing...

8.6CVSS0.1911EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/18 3:47 p.m.70 views

CVE-2025-54075 mdc vulnerable to XSS in markdown rendering bypassing HTML filter. (N°4)

MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component. Prior to version 0.17.2, a remote script-inclusion / stored cross-site scripting vulnerability in @nuxtjs/mdc lets a Markdown author inject a element. The tag rewrites how all subsequent relative...

8.3CVSS0.00302EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/20 6:0 p.m.70 views

CVE-2025-22157

This High severity PrivEsc Privilege Escalation vulnerability was introduced in versions: 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center and Server 5.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management Data Center and Server This PrivEsc Privilege Escalation vulnerability, wi...

7.2CVSS0.00445EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/01 6:40 p.m.70 views

CVE-2025-32011 KUNBUS Revolution Pi Authentication Bypass by Primary Weakness

KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal...

9.8CVSS0.22202EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/01 5:20 p.m.70 views

CVE-2025-46565 Vite's server.fs.deny bypassed with /. for files under project root

Vite is a frontend tooling framework for javascript. Prior to versions 6.3.4, 6.2.7, 6.1.6, 5.4.19, and 4.5.14, the contents of files in the project root that are denied by a file matching pattern can be returned to the browser. Only apps explicitly exposing the Vite dev server to the network usi...

6CVSS0.01077EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/04/30 4:30 p.m.70 views

CVE-2025-3859 Firefox Focus elide URL allows address bar spoofing

Websites directing users to long URLs that caused eliding to occur in the location view could leverage the truncating behavior to potentially trick users into thinking they were on a different webpage. This vulnerability was fixed in Focus 138...

0.00172EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/22 4:32 p.m.70 views

CVE-2025-34028 Commvault Command Center Innovation Release <= 11.38.25 Unathenticated Install Package Path Traversal

The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are vulnerable to path traversal vulnerability that can result in Remote Code Execution via malicious JSP. This issue affec...

9.3CVSS0.97157EPSS
Exploits5References4
Cvelist
Cvelist
added 2025/01/03 9:31 p.m.70 views

CVE-2024-13129 Roxy-WI roxy.py action_service os command injection

A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by this vulnerability is the function actionservice of the file app/modules/roxywi/roxy.py. The manipulation of the argument action/service leads to os command injection. The attack can be launched...

9CVSS0.17797EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/11/11 5:52 a.m.70 views

CVE-2024-51793 WordPress RepairBuddy plugin <= 3.8115 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Upload a Web Shell to a Web Server.This issue affects RepairBuddy: from n/a through = 3.8115...

10CVSS0.01794EPSS
Exploits4References1
Cvelist
Cvelist
added 2024/10/31 4:15 p.m.70 views

CVE-2024-51478 Use of a Broken or Risky Cryptographic Algorithm in YesWiki

YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5...

9.9CVSS0.00368EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/09/10 4:54 p.m.70 views

CVE-2024-43470 Azure Network Watcher VM Agent Elevation of Privilege Vulnerability

...

7.3CVSS0.00855EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/28 7:43 p.m.70 views

CVE-2024-43805 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...

7.6CVSS0.00373EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/08 8:45 p.m.70 views

CVE-2024-38200 Microsoft Office Spoofing Vulnerability

...

6.5CVSS0.19534EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/07/22 5:22 p.m.70 views

CVE-2024-40634 Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. This report details a security vulnerability in Argo CD, where an unauthenticated attacker can send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation that leads to...

7.5CVSS0.01392EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/06/19 7:48 p.m.70 views

CVE-2024-38355 Unhandled 'error' event in socket.io

Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit 15af22fc22 which has been included in...

7.3CVSS0.0069EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/21 5:29 p.m.70 views

CVE-2024-22274

The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system...

7.2CVSS7.5AI score0.02488EPSS
Exploits3References1
Cvelist
Cvelist
added 2024/04/12 12:36 p.m.70 views

CVE-2024-31289 WordPress Hello Elementor theme <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Elementor Hello Elementor.This issue affects Hello Elementor: from n/a through 3.0.0...

4.3CVSS5AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/29 12:0 a.m.70 views

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

7.6AI score0.0084EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/01/08 1:20 p.m.70 views

CVE-2024-21645 pyLoad Log Injection

pyLoad is the free and open-source Download Manager written in pure Python. A log injection vulnerability was identified in pyload allowing any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload. Forged or otherwise, corrupted log files can be used to cover an...

5.3CVSS5.7AI score0.24513EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/12/22 4:19 p.m.70 views

CVE-2023-49790 App PIN code can be bypassed in Nextcloud Files iOS

The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. No known workaroun...

4.3CVSS4.6AI score0.00288EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/07 5:26 a.m.70 views

CVE-2023-28570 Buffer Copy without Checking Size of Input in Audio

Memory corruption while processing audio effects...

6.7CVSS8.1AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/31 5:33 a.m.70 views

CVE-2023-3162 Stripe Payment Plugin for WooCommerce <= 3.7.7 - Authentication Bypass

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to...

9.8CVSS9.8AI score0.00966EPSS
Exploits2References3
Cvelist
Cvelist
added 2023/06/23 2:44 p.m.70 views

CVE-2023-34464 XWiki vulnerable to stored cross-site scripting via any wiki document and the displaycontent/rendercontent template

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.2.1 until versions 14.4.8, 14.10.5, and 15.1RC1 of org.xwiki.platform:xwiki-platform-web and any version prior to 14.4.8, 14.10.5, and 15.1.RC1 of...

9CVSS8.8AI score0.00714EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/06/13 12:0 a.m.70 views

CVE-2023-33695

Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile function at /core/io/FileUtil.java...

7AI score0.00244EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/03/29 9:0 a.m.70 views

CVE-2023-1688 SourceCodester Earnings and Expense Tracker App cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Earnings and Expense Tracker App 1.0. This affects an unknown part of the file Master.php?a=saveexpense. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely...

4CVSS6.2AI score0.00363EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/14 4:36 a.m.70 views

CVE-2023-23857 Improper Access Control in SAP NetWeaver AS for Java

Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services...

9.9CVSS9.5AI score0.00544EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/01/11 12:0 a.m.70 views

CVE-2022-4543

A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation KPTI. This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems...

5.3AI score0.00954EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/10/20 12:0 a.m.70 views

CVE-2022-3620 Exim DMARC dmarc.c dmarc_dns_lookup use after free

A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarcdnslookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may be initiated remotely. The name of the patch is...

5.6CVSS9.7AI score0.00734EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/09/05 6:40 a.m.70 views

CVE-2022-39051 Perl Code execution in Template Toolkit

Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package...

6.8CVSS9AI score0.00709EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/08/22 6:28 p.m.70 views

CVE-2022-32778

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the...

7.5CVSS7.5AI score0.01983EPSS
Exploits0References2
Total number of security vulnerabilities5000